Bug 176558 - stopping iptables hang system for a while
stopping iptables hang system for a while
Status: CLOSED CANTFIX
Product: Fedora
Classification: Fedora
Component: kernel (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Dave Jones
Brian Brock
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-12-26 07:15 EST by Kaj J. Niemi
Modified: 2015-01-04 17:23 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-12-27 17:29:28 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Kaj J. Niemi 2005-12-26 07:15:08 EST
Description of problem:

Dec 26 15:13:44 localhost kernel: BUG: soft lockup detected on CPU#0!
Dec 26 15:13:44 localhost kernel:
Dec 26 15:13:44 localhost kernel: Pid: 3379, comm:             modprobe
Dec 26 15:13:44 localhost kernel: EIP: 0060:[<f8e8d1b8>] CPU: 0
Dec 26 15:13:44 localhost kernel: EIP is at ip_ct_iterate_cleanup+0x5c/0x68
[ip_conntrack]
Dec 26 15:13:44 localhost kernel:  EFLAGS: 00200246    Tainted: P      
(2.6.14-1.1786_FC5)
Dec 26 15:13:44 localhost kernel: EAX: df925f64 EBX: df925f64 ECX: df604f4c EDX:
ef7e7ab0
Dec 26 15:13:44 localhost kernel: ESI: df925eac EDI: 00000000 EBP: f8e8d2ae DS:
007b ES: 007b
Dec 26 15:13:44 localhost kernel: CR0: 8005003b CR2: 09e18aa0 CR3: 1f412000 CR4:
000006d0
Dec 26 15:13:44 localhost kernel:  [<f8e8d2ed>] ip_conntrack_cleanup+0x19/0x6a
[ip_conntrack]     [<f8e8b803>] init_or_cleanup+0x24b/0x24f [ip_conntrack]
Dec 26 15:13:44 localhost kernel:  [<c01309f7>] sys_delete_module+0x12d/0x16a  
  [<c014b6b7>] do_munmap+0xd0/0xe6
Dec 26 15:13:44 localhost kernel:  [<c0102d61>] syscall_call+0x7/0xb
Dec 26 15:13:44 localhost kernel: Removing netfilter NETLINK layer.

Version-Release number of selected component (if applicable):
kernel-2.6.14-1.1786_FC5.i686

How reproducible:
Pretty much always

Steps to Reproduce:
1. Use system normally
2. /sbin/service iptables stop (or restart)
3.
  
Actual results:
Hangs for a while or deadlocks completely

Expected results:
Shouldn't hang ;)

Additional info:
I had the Cisco VPN Client enabled when the latest hang happened but it happens
without cisco_ipsec as well.

/etc/sysconfig/iptables:
*filter
:INPUT ACCEPT [0:0]
-A INPUT -p 50 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -p udp --sport 500 --dport 500 -j
ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -p udp --sport 4500 --dport 4500
-j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT
-A INPUT -j REJECT

:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]

# Allow all traffic in both directions through the VA adapter
-A INPUT -i cipsec0 -j ACCEPT
-A OUTPUT -o cipsec0 -j ACCEPT

COMMIT
Comment 1 Dave Jones 2005-12-27 17:29:28 EST
please reopen with an untainted oops.

Note You need to log in before you can comment on or make changes to this bug.